Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/JMvzuj7TabENncCSzpTdtk1E86k.roa
File:                     JMvzuj7TabENncCSzpTdtk1E86k.roa (raw, json)
Hash identifier:          UrLP60Ea94nONn35mFwWgGGvHddzGY3pgrLlX2RqTuA=
Subject key identifier:   24:CB:F3:BA:3E:D3:69:B1:0D:9D:C0:92:CE:94:DD:B6:4D:44:F3:A9
Certificate issuer:       /CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
Certificate serial:       018CC5DC237B6F11BCF1E9B7A225EB0C6C01
Authority key identifier: 21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/JMvzuj7TabENncCSzpTdtk1E86k.roa
Signing time:             Mon 01 Jan 2024 16:29:47 +0000
ROA not before:           Mon 01 Jan 2024 16:29:47 +0000
ROA not after:            Tue 01 Jul 2025 00:00:00 +0000
asID:                     51569
IP address blocks:        83.139.202.0/23 maxlen: 24
                          83.139.212.0/22 maxlen: 24
                          83.139.216.0/22 maxlen: 24
                          85.31.160.0/21 maxlen: 24
                          83.139.220.0/23 maxlen: 24
                          83.139.224.0/20 maxlen: 24
                          83.139.244.0/23 maxlen: 24
                          83.139.242.0/23 maxlen: 24
                          45.132.208.0/22 maxlen: 24

Validation:               Failed, certificate revoked on Fri 15 Nov 2024 10:41:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:8c:c5:dc:23:7b:6f:11:bc:f1:e9:b7:a2:25:eb:0c:6c:01
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=21c394c9b3a36b69f9ee5f8936a2f51b95eaceb4
        Validity
            Not Before: Jan  1 16:29:47 2024 GMT
            Not After : Jul  1 00:00:00 2025 GMT
        Subject: CN=24cbf3ba3ed369b10d9dc092ce94ddb64d44f3a9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8c:a3:87:66:c4:1f:38:db:fc:01:b3:45:2a:
                    2f:43:64:06:d6:53:80:ce:86:14:7c:5c:75:8d:d7:
                    58:af:bd:7c:0e:84:5f:55:f4:71:ed:fa:bb:f3:2d:
                    dc:65:5a:62:9b:d6:47:7c:63:ad:ce:6f:fb:67:07:
                    cc:9e:b4:33:4b:85:d5:11:b8:24:bb:3e:ab:16:79:
                    0e:44:0c:fb:bb:28:2c:8a:56:fc:80:8f:6b:1d:c0:
                    36:b0:c2:bc:a6:6b:d1:99:2b:ef:b7:60:be:f3:24:
                    43:ee:c7:a6:f0:aa:3b:e6:23:9c:d7:99:47:5c:a9:
                    e8:64:66:af:a7:44:a6:4d:27:79:ad:c2:d1:9e:76:
                    41:dc:eb:c4:23:6b:ca:50:d5:9d:81:0a:df:f3:ab:
                    3b:b4:0f:e2:cd:2e:30:91:49:96:d6:78:63:18:bc:
                    5d:b2:cd:65:ad:38:50:40:b8:fd:f3:97:e0:fe:85:
                    3e:e8:a4:4e:3c:a1:f8:78:aa:d9:75:f9:41:e8:f9:
                    ea:4c:f2:49:59:bf:58:09:21:57:db:8a:7e:2e:5c:
                    1c:6f:af:79:fb:1a:e4:a0:fe:83:fe:93:3b:56:4b:
                    4c:02:05:12:ee:45:8c:5c:f9:95:ae:95:d5:57:bc:
                    8a:98:c0:95:dc:8a:08:2c:a7:98:b0:1c:f0:73:b2:
                    e3:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:CB:F3:BA:3E:D3:69:B1:0D:9D:C0:92:CE:94:DD:B6:4D:44:F3:A9
            X509v3 Authority Key Identifier:
                keyid:21:C3:94:C9:B3:A3:6B:69:F9:EE:5F:89:36:A2:F5:1B:95:EA:CE:B4

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IcOUybOja2n57l-JNqL1G5XqzrQ.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/JMvzuj7TabENncCSzpTdtk1E86k.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/61facc-669f-4456-963f-1e436dcb85c5/1/IcOUybOja2n57l-JNqL1G5XqzrQ.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.132.208.0/22
                  83.139.202.0/23
                  83.139.212.0-83.139.221.255
                  83.139.224.0/20
                  83.139.242.0-83.139.245.255
                  85.31.160.0/21

    Signature Algorithm: sha256WithRSAEncryption
         50:88:d6:21:4e:81:06:5b:f0:9f:8d:2a:bd:69:5e:19:2c:3b:
         24:46:b3:9b:b7:d7:a2:c2:d1:75:5f:84:10:54:d3:1e:81:43:
         e6:fc:1f:6d:4e:a1:f1:f1:00:04:c1:8b:3d:a6:61:9d:4b:8d:
         d9:b9:19:8d:a6:0d:f1:b3:82:8e:a9:0f:a2:50:90:04:ba:65:
         79:7e:16:14:ed:15:5c:be:73:10:02:ed:f7:1b:15:65:f7:f5:
         99:ba:e5:5c:cb:4e:92:e7:fa:d7:d4:3d:5b:e8:02:46:99:e9:
         45:ed:71:3d:0e:5b:0f:2e:b6:29:bc:95:9d:dd:ca:d0:68:3e:
         78:56:03:20:08:16:63:10:e7:43:f7:37:d7:6b:49:0b:b7:f1:
         5d:61:22:6a:89:2b:de:78:cc:8f:c5:61:f1:6c:7e:93:50:a5:
         72:d1:33:6e:7b:63:c9:02:09:ee:47:6a:87:d4:42:00:9b:5f:
         73:60:18:73:64:b9:6d:54:97:6a:01:40:61:8d:fc:4e:2e:56:
         5e:2a:5b:06:ef:49:ba:8e:ea:ea:66:f8:5f:70:b5:c1:8f:44:
         ee:26:9f:86:f0:a4:78:d7:de:2d:3d:c0:70:ce:e5:a8:a0:d4:
         9e:ca:95:a6:3d:45:a7:2e:08:09:d0:00:c7:be:cd:f4:e0:f1:
         73:63:84:f5
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzF3CN7bxG88em3oiXrDGwBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYzM5NGM5YjNhMzZiNjlmOWVlNWY4OTM2YTJmNTFiOTVl
YWNlYjQwHhcNMjQwMTAxMTYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGNiZjNiYTNlZDM2OWIxMGQ5ZGMwOTJjZTk0ZGRiNjRkNDRmM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4yjh2bEHzjb/AGzRSovQ2QG1lOA
zoYUfFx1jddYr718DoRfVfRx7fq78y3cZVpim9ZHfGOtzm/7ZwfMnrQzS4XVEbgk
uz6rFnkORAz7uygsilb8gI9rHcA2sMK8pmvRmSvvt2C+8yRD7sem8Ko75iOc15lH
XKnoZGavp0SmTSd5rcLRnnZB3OvEI2vKUNWdgQrf86s7tA/izS4wkUmW1nhjGLxd
ss1lrThQQLj985fg/oU+6KROPKH4eKrZdflB6PnqTPJJWb9YCSFX24p+Llwcb695
+xrkoP6D/pM7VktMAgUS7kWMXPmVrpXVV7yKmMCV3IoILKeYsBzwc7LjNQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFCTL87o+02mxDZ3Aks6U3bZNRPOpMB8GA1UdIwQY
MBaAFCHDlMmzo2tp+e5fiTai9RuV6s60MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWNPVXliT2phMm41N2wtSk5xTDFHNVhxenJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC82MWZhY2MtNjY5Zi00NDU2LTk2M2Yt
MWU0MzZkY2I4NWM1LzEvSk12enVqN1RhYkVObmNDU3pwVGR0azFFODZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC82MWZhY2MtNjY5Zi00NDU2LTk2M2YtMWU0MzZkY2I4NWM1
LzEvSWNPVXliT2phMm41N2wtSk5xTDFHNVhxenJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCLYTQAwQB
U4vKMAwDBAJTi9QDBAFTi9wDBARTi+AwDAMEAVOL8gMEAVOL9AMEA1UfoDANBgkq
hkiG9w0BAQsFAAOCAQEAUIjWIU6BBlvwn40qvWleGSw7JEazm7fXosLRdV+EEFTT
HoFD5vwfbU6h8fEABMGLPaZhnUuN2bkZjaYN8bOCjqkPolCQBLpleX4WFO0VXL5z
EALt9xsVZff1mbrlXMtOkuf619Q9W+gCRpnpRe1xPQ5bDy62KbyVnd3K0Gg+eFYD
IAgWYxDnQ/c312tJC7fxXWEiaokr3njMj8Vh8Wx+k1ClctEzbntjyQIJ7kdqh9RC
AJtfc2AYc2S5bVSXagFAYY38Ti5WXipbBu9Juo7q6mb4X3C1wY9E7iafhvCkeNfe
LT3AcM7lqKDUnsqVpj1Fpy4ICdAAx77N9ODxc2OE9Q==
-----END CERTIFICATE-----
Generated at Fri Nov 15 12:38:46 2024 by rpki-client on console-ams.rpki-client.org